<?php
session_start();
require "lib/db.php";
require "lib/user-function.php";

if(isset($_POST['btnLogin'])){
	$username = $_POST['txtUsername'];	
	$user= getUserByUsername($username);
	if(mysql_num_rows($user)==0){
		header("location:login.php?false=incorrectusername");
	}else{
		$password = $_POST['txtPassword'];
		$user = getUserByUsernameAndPassword($username,$password);
		if(mysql_num_rows($user)==0){
			header("location:login.php?false=incorrectpassword");
		}else{
			$user = mysql_fetch_array($user);
			if(!isset($_SESSION['username'])){
				$_SESSION['username'] = $user['Username'];
			}
			if(!isset($_SESSION['role'])){
				$_SESSION['role'] = $user['Role'];
			}
			if($_SESSION['role']!='admin'){
				header("location:list-customer.php");
			}else{
				header("location:index.php");
			}
		}
	}
}
?>